Wearables are rapidly making their way into the enterprise – and CIOs who want to stay ahead of the curve are taking notice.
The CEA projects that 30.9 million consumer wearables will be sold in 2015 – the majority of which will be smartwatches. According to Forrester, by 2020 wearable devices will be common in many organizations, and by 2024 they will be instrumental to how many employees do their jobs.
Wearable devices promise to transform the enterprise by enabling constant connectivity and hands-free interaction with data and equipment. But there are clear security implications. As we saw with smartphones and tablets, when these devices connect to the corporate network, they invariably put the enterprise’s information assets at risk.
We recommend preparing in advance for the inevitable security challenges of wearable technology, and making the necessary adjustments to your existing Enterprise Mobility Management (EMM) solution with a thoughtful Managed Mobility Services (MMS) strategy. Here’s how:
- Evaluate wearable devices on a case-by-case basis. As executives and employees begin requesting wearables for business use, the enterprise will need to evaluate each device to determine potential risk. To do this effectively, IT will need visibility into each device’s potential to store and transfer data, and any existing security vulnerabilities.
- Establish an acceptable use policy. Once the organization has approved a wearable device, acceptable use policies will need to be implemented and employees will need to be trained on the device’s risks and security implications. Although precise policies will vary according to industry and risk potential, we recommend permitting only enterprise-approved wearables in the work environment, banning unapproved and insecure devices, enforcing robust authentication measures for network access, and implementing real-time monitoring and usage tracking.
- Integrate wearables into your existing EMM strategy. Enterprise-approved wearables will need to be managed, updated, and secured in much the same way that smartphones and tablets are. We advise the organizations we work with to centralize the device configuration process and enforce geo-fencing, application blacklist policies, and remote wipe capabilities for these devices.
- Upgrade the network’s security infrastructure. Evaluate your existing security infrastructure to determine what upgrades will need to be made to account for wearable devices. For example, the infrastructure will ideally be able to analyze data flows, identify the type of wearable device sending and receiving data across the network, and detect and control the movement of data to wearable devices.